AzPolicyAdvertizer

last sync: 2022-Dec-02 17:43:06 UTC

Azure Policy definition

[Deprecated]: Unattached disks should be encrypted

Name [Deprecated]: Unattached disks should be encrypted
Azure Portal
Id 2c89a2e5-7285-40fe-afe0-ae8654b92fb2
Version 1.0.0-deprecated
details on versioning
Category Compute
Microsoft docs
Description This policy audits any unattached disk without encryption enabled.
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated True
Effect Default
Audit
Allowed
Audit, Disabled
RBAC
Role(s)		 none
Rule
Aliases		 IF (2)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Compute/disks/diskState Microsoft.Compute disks properties.diskState false
Microsoft.Compute/disks/encryptionSettingsCollection.enabled Microsoft.Compute disks properties.encryptionSettingsCollection.enabled true
Rule
ResourceTypes		 IF (1)
Microsoft.Compute/disks
Compliance The following 1 compliance controls are associated with this Policy definition '[Deprecated]: Unattached disks should be encrypted' (2c89a2e5-7285-40fe-afe0-ae8654b92fb2)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
Azure_Security_Benchmark_v1.0 4.8 Azure_Security_Benchmark_v1.0_4.8 Azure Security Benchmark 4.8 Data Protection Encrypt sensitive information at rest Customer Use encryption at rest on all Azure resources. Microsoft recommends allowing Azure to manage your encryption keys, however there is the option for you to manage your own keys in some instances. Understand encryption at rest in Azure: https://docs.microsoft.com/azure/security/fundamentals/encryption-atrest How to configure customer managed encryption keys: https://docs.microsoft.com/azure/storage/common/storage-encryption-keys-portal n/a link 7
History
Date/Time (UTC ymd) (i) Change type Change detail
2021-10-19 19:10:32 change Version remains equal, new suffix: deprecated (1.0.0 > 1.0.0-deprecated)
Initiatives
usage
Initiative DisplayName Initiative Id Initiative Category State Type
[Deprecated]: Azure Security Benchmark v1 42a694ed-f65e-42b2-aa9e-8052e9740a92 Regulatory Compliance Deprecated BuiltIn
JSON
changes

JSON